Crash Course: Interior Routing Protocols

Growing pains can cause network pains. As your network expands, you may need a new routing strategy. Choosing the right interior routing protocol is important to maintain consistency and deliver business applications from end to end without undue costs or delays.

In selecting an interior routing protocol, remember the goals of a routing protocol: eliminate loops in the network; quickly detect, advertise and route around unavailable networks; and minimize routing bandwidth use. But even the right routing protocol can't save a poorly designed network, so don't ignore network design and topology.

Controlling network overhead over slow WAN links is a big concern. The less information sent over the links, the better. However, that may limit the information routers need to make routing decisions, so it's a tricky balance.

Before we go too far, let's make sure we're on the same I/O block. A routing protocol is a set of rules by which a Layer 3 router determines the best path, or least-cost route, for a packet or datagram to take to a remote network or endpoint. The routing protocol also dictates how routers send updates to each other, so each knows about interior and/or exterior networks. Interior routing protocols work within the boundaries of an organization and aren't as complex as exterior routing protocols, like BGP-4 (Border Gate Protocol 4), which exchange routing info between organizations.

One Is Plenty

If you have more than one routing protocol in your network, you have more than you need. Multiple routing protocols are redundant and may complicate the network: To select the optimal path, a router may have to decide between two paths that use different metrics. So the router will redistribute the routes using administrative distance, which helps determine the best path among multiple routes provided by different routing protocols.

The key is choosing the best single interior routing protocol for your network, and there are a number from which to choose. Three are in the public domain--RIP, OSPF and IS-IS (Interdomain System-to-Interdomain System). There are also Cisco System's proprietary protocols, IGRP (Interior Gateway Routing Protocol) and EIGRP (Enhanced IGRP). If you're not a Cisco shop, have a small network that's unlikely to grow much and doesn't support VLSM (Variable Length Subnet Masks), go with RIP. If you use VLSM, your choices are OSPF or IS-IS. If you're are a Cisco shop, it's IGRP for a small network and EIGRP for a large one.

Keep in mind that routing protocols require CPU time and memory. The router app's goal is to exchange information on the network with another application running on the router next to it and attain convergence, where all routers agree on the best path over a network.

First, decide if you want a routing protocol with or without class. Class, or classful, routing protocols don't send subnet or netmask information when they update adjacent routers, inefficiently using address space. Since classful protocols don't send subnetting data to update adjacent routers, they don't support VLSM, which allows router interfaces within the same network to have different subnet masks. If your network has VLSM, you need a classless interior routing protocol like EIGRP, IS-IS or OSPF. If your network doesn't have VLSM, use a classful protocol like RIPv1 or IGRP.

If you have a small enterprise network without VLSM or Cisco routers, RIPv1 is your best choice. It's easy to implement on Layer 3 devices, and a simple checkbox or short command enables it for all interfaces. It's cheap, too: RIPv1 comes with any BSD OS. All you have to do is install it on a low-cost, Intel-based system, add a second network card, and you are set to RIP the network. RIP-2 adds packet authentication in two modes: Simple, wherein an unencrypted authentication key is sent with the packet, and MD5. Otherwise, RIP-2 supports all the same features as RIPv1.

But with simplicity, there's always cost. RIPv1 doesn't scale and isn't bandwidth-friendly. Option 1

Interior routing protocols are based on distance vector or link state routing protocols. Classful protocols RIPv1 and IGRP are distance vector protocols, which are designed for small networks. They send periodic updates to adjacent routers to provide loop-free network information.

A router sends a periodic update--every 30 seconds with RIP, every 90 seconds with IGRP. A full table update occurs when a router receives a neighbor's routing table update. The router then updates its table and sends its table to its neighbors (see "Close Up: Distance Vector"). That's chatty, so networks and WANs that are bandwidth-constrained should stay away from RIPv1 and use Cisco's IGRP with caution.

The problem with RIPv1 is that it can only be deployed if the network diameter is 15 hops or less. The number of hops between a router and a remote network or endpoint equals the number of routers between the two points. If you have more than 15 hops between any two endpoints on your network, or if you need to configure a route's metric with a number greater than 15, don't go with RIPv1. It's also not a good fit if you have multiple, unequal (variable bandwidth) paths to remote networks. If a RIPv1 router sees multiple paths to a remote network with the same hop count, it will distribute datagrams (traffic) evenly along those paths. Cool, right? But if those paths have variable bandwidth--one uses a 56-Kbps line and another uses an OC-3, for example--datagrams are allocated in a round-robin, load-balancing mode. Not cool.

If you have a Cisco router, however, you can employ IGRP to use multiple unequal paths more efficiently. The main difference is that, while RIPv1 relies on hop count, IGRP uses a less limiting metric that includes the bandwidth and delay associated with links by default. Information on load, reliability (uptime) and MTU (Maximum Transmission Unit) also can be added to the metric. IGRP can also make use of routing domains to run processes on selected, but not all, routers in the domain. And it has a maximum hop count and network diameter of 100.

If you have just one Cisco router, you can still implement IGRP among RIPv1 routers, because IGRP is good about sharing its routing data with redistribution ("Router Redistribution"). But as the network grows, distance vector-based RIPv1 and IGRP apps may time out. Full-table updates can cause congestion, leading to delays, lost routing data and update retransmission. Further, bottlenecks on routers can reduce their time to convergence: Router memory may run low, and CPU use may be abnormally high.

EIGRP improves on IGRP, increases the potential for network growth and reduces the time to convergence. To do this, EIGRP uses incremental updates with multicast addresses, and a router holds information only about its neighbors. Instead of providing full-table updates, EIGRP builds a routing topology using "Hello" packets and discreet queries. It also supports and uses DUAL (Diffusing Update Algorithm), a sophisticated algorithm that considers link speed, round-trip delay or latency when determining an optimal route.

But if you're not a Cisco shop, the best way to upgrade from distance vector protocols is to a link state routing technology, such as OSPF or IS-IS.

Option 2 Link state protocols, like distance vector protocols, aim to eliminate loops in the network and maintain accurate route tables, but more efficiently. Like distance vector routing protocols, link state protocols exchange data with their directly connected neighbors. But the information relates to the local links on the route, not the routes themselves. Links are the point-to-point connections between the router and its directly connected neighbors. Exchanging links is more efficient because a link can get propagated to all the routers in the network. So, at convergence time, every router has the same picture of the network, calculated from links.

Some link state protocols use multicast to send incremental updates to routing tables. OSPF sends the entire table but cuts routing overhead by sending it only every 30 minutes. But the gain in efficiency brings pain: While requiring fewer network resources than distance vectors, link state protocols are more CPU-intensive.

Like EIGRP, link state-based routers develop relationships with adjacent routers on the same physical network by sending "Hello" packets to their neighboring routers. The router interfaces between these devices must have the same network mask and "hello" timers. As long as the physical link enables hello messages, the routing relationship lasts, but when the link goes down, the hello messages stop. Then, the receiving routers immediately send updates to any other directly connected neighbors.

These incremental updates, called link-state advertisements (LSAs), are sent before regular update timers expire. Once an LSA is received, the router computes a new path and updates its map using the SPF (Shortest Path First) or Dijkstra algorithm. Hence, changes to the network are immediately propagated to neighboring routers.

Unlike distance vector protocols, link state protocols can scale to very large networks. You can create areas and group subnets within OSFP and IS-IS, with each area as a routing entity that exchanges information among the routers in its area. At the border, a border area router exchanges routing information with other areas. This approach cuts down the computation required for routes in large, complex networks because computation is kept within a discreet area and can save on WAN bandwidth. Take Your Pick

Choosing the right interior routing protocol depends on the complexity of your network and bandwidth availability. Relatively simple networks without bandwidth constraints can use a distance vector protocol like RIPv1, or IGRP on Cisco routers. More complex networks require a protocol like EIGRP or OSPF that can calculate the aggregate costs of individual hops and take into account the bandwidth, delay, load, reliability and even the MTU for hops. They provide a fast path to convergence and implement better load-balancing for multiple paths.

Sean Doherty is a senior technology editor and lawyer based at our Syracuse University Real-World Labs®. A former project manager and IT engineer at Syracuse University, he helped develop centrally supported applications and storage systems. Write to him at [email protected].

Close Up: Distance Vector

When more than one routing protocol is used on routers, a redistribution of routes is required. This redistribution aims to calculate the best route to an endpoint among competing routes. With multiple protocols, the router may have multiple entries per network, with various metrics or algorithms used to calculate the route between the router's interfaces and the remote network. The goal for any router is to advertise the best path to the remote network or host.

A RIPv1 route, for example, may have a hop count of 2 and an EIGRP (Enhanced Interior Gateway Routing Protocol) may have a metric of 728. There is no way for the router to decide which route is better based on a variable metric. Hence, an administrative decision is necessary. This administrative decision is made by the "Administrative Distance" of the route. The default administrative distances for various routes using interior gateway protocols for enterprises are:

Like in golf, a lower score makes for a better route. So if your links have network routes that use variable network speeds--an OSPF route uses a 56-Kbps leased line and a RIP route with an OC-3 connection, for example--manual intervention may be required. Otherwise, calculating the administrative distance will favor the slow leased line over the OC-3. You may have to manually configure the routers with more than one protocol. Otherwise, the slow link may get saturated while the fast link grows dark.

Router Redistribution

Distance vector interior routing protocols are easy to implement and require little care and feeding. But there are a few configuration points you need to understand--namely, split horizon, poison reverse, and hold-downs. Table updates adhere to a split horizon rule, which means they don't include information on networks discovered via the interface over which the update is being transmitted. That would be like hearing a story from a friend and then later telling her that same story. The split horizon rule avoids those router "senior moments,", reducing network overhead and eliminating a lot of circular conversation in router updates. But this doesn't prevent loops. That's handled by the poison reverse rule.

Poison reverse prevents loops. This rule requires routers that include all networks learned from their neighbors in their updates, but applies a hop count of 16 to those networks--making them unreachable. The net effect is that the router acknowledges the network view of its neighbor, but does not provide datagrams with a valid path for that view. Using the poison reverse rule, however, increases the size of updates sent between routers.

When a distance vector routing protocol decides a network in its table is no longer valid--either down or no longer accessible--it removes the entry from its table, and sends an update to its neighbors. This is a triggered update, now minus any information about the unreachable network, immediately informs other routers of the network change.

But other routers don't necessarily acknowledge a triggered update immediately, since a router noted in the update may be only temporarily offline after a reset or a when network cable was inadvertently removed. So updated routers go into a hold-down period which, by default, lasts for three routing updates. After that, if the update is real and the change in a network route remains true, the receiving routers finally acknowledge the remote network is down and accept a new routing update, which could contain an alternative route.